
Scott Ferguson
ServiceNow Employee

Due to the stunning increase in the number of regulatory and industry requirements, such as Sarbanes-Oxley (SOX), Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA), and Federal Information Security Management Act (FISMA), a methodology commonly referred to as Governance, Risk and Compliance (GRC) emerged.

Meeting with a group of my ServiceNow peers, all with a strong interest in the GRC disciplines, we decided there needed to be a special GRC track at Knowledge 14. Not to take anything away from the official Knowledge tracks, below is our list of sessions we felt would put you in rooms with others who have similar governance interests.

IT Governance, Risk and Audit Management

April 29, 2:30-3:20 in Moscone West 3020

Speaker: Stacey Card, IT Risk Manager, Kingfisher

Summary: Kingfisher is Europe's largest home improvement retailer, with more than 1,080 stores in nine countries and 78,000 employees. IT governance, risk management and audit readiness are both critical and challenging. In this session, you'll learn from the company's IT Services team's experiences in implementing the ServiceNow IT Governance, Risk and Compliance (GRC) module. You'll come away understanding the basic considerations, the benefits realized at Kingfisher, lessons learned, and details of the resulting deployment.

LAB: IT Governance, Risk and Compliance (ITGRC): End Audit Pain

April 29, 3:40-5:40 in Moscone West 3002/3004

Speakers: Guy Yedwab, ServiceNow and Giora Tamir, ServiceNow

Summary: IT governance, risk and compliance (GRC) helps bring order to enterprises' crazy quilt of overlapping regulations, redundant audit programs and manual processes. IT GRC supports documenting policies and procedures, defining and assessing risks, defining controls, generating audits and tracking remediation tasks. This lab will focus on creating control tests using the new Compliance Templates.

Achieving SOX Compliance with the CMDB

April 30, 1:40-2:30 in Moscone West 3016

Speaker: John Eddy, IT Client Service Manager, Spansion Inc.

Summary: Spansion is a leading provider of flash memory solutions. To help ensure compliance with Sarbanes-Oxley (SOX) regulations, the company manages its termination process globally with ServiceNow, creating 30 tasks for each termination processed. The Spansion team added User Account information to the ServiceNow CMDB, then instructed ServiceNow to invoke a task only if the person being terminated was assigned an account. With these steps, the team reduced the creation of unnecessary tasks by more than 50 percent.

GRC Automation: Bringing Control Tests Full Circle

May 1, 11:20-12:10 in Moscone West 3014

Speakers: Chris Sherman, Developer, CareWorks Tech and Donald McMullen, ServiceNow Administrator, CareWorks Tech

Summary: ServiceNow IT GRC control tests are an excellent tool for compliance-oriented employers to enforce policies and mitigate risks. In an effort to use their time efficiently for audit data reviews and policy conformance checks, CareWorks wanted to automate their control tests. In this session, you'll learn how they automated this complex process with ServiceNow using a variety of methods, including filters to schedule specific record queries and business rules and workflows to assign the results of these scheduled jobs to specific groups and to the appropriate personnel for review and action. You'll also see how they brought it full circle by highlighting the results on a custom dashboard.

GRC Meets CMDB at Broward Health

May 1, 12:40-1:30 in Moscone West 3003

Speaker: Vijo Menon, Systems Consultant and IT Process Architect, Broward Health

Summary: Governance, risk and compliance (GRC) are critical elements of IT service management and automation, especially for enterprises under constant regulatory scrutiny. To address these challenges, Broward Health has extended the capability of the ServiceNow CMDB to include support for governance and security industry frameworks and best practices. The company is also using ServiceNow to determine if vendors meet the company's corporate compliance and security requirements. In this session, Broward Health will describe its use of ServiceNow to improve GRC and security for firewall management, and offer recommendations that can help you to achieve similar successes at your enterprise.

When Knowledge has concluded and you want to see more about what ServiceNow can do in ITGRC for your organization, do not hesitate to reach out. We can show you how ServiceNow can help you proactively manage process controls by aligning those controls with departmental and corporate policies. Additionally, you can automate the collection of testing evidence and automate reporting. With ServiceNow's IT GRC you can strengthen an organization's position with respect to external audits, reduce compliance reporting costs, and improve the ability to address IT risks.